keystone-engine / keypatch Goto Github PK

Traceback (most recent call last):
File "D:/crack/PC/IDA 7.0/plugins/keypatch.py", line 1554, in activate
self.plugin.patcher()
File "D:/crack/PC/IDA 7.0/plugins/keypatch.py", line 1814, in patcher
selection, addr_begin, addr_end = read_range_selection()
File "D:\crack\PC\IDA 7.0\python\ida_kernwin.py", line 2062, in read_range_selection
return _ida_kernwin.read_range_selection(*args)
TypeError: read_range_selection expected 1 arguments, got 0

Details
Recently，as a software reverse newbee. I’m try to crack a Ali crackme.apk(attachment).
Find the check func is in Android Native Code .So I use IDA Pro to dynamic debugging, find anti-debug method. I need to Turn around this ，I need to alter the memory and didn't find the function in IDA like OllyDBG to alter binary code by alter ASM sentences. So I’d
like to appreciate to god that I find. the great works you have built ,And I find some problems(big endian and little endian’ switch) as I twitter U.

A little Suggestion
If this is my project , I would like to switch endian Mode can be choose by user. If occur a error，it can be corrected manually.

THX
TwitterFromDelphicGeek.zip

I use Windows 10 platform.
Open the IDA, and load keystone plugin, but it did not work.
here is my problem:
E:\IDA 7.0\plugins\keypatch.py: invalid syntax (E:/IDA 7.0/plugins/keypatch.py, line 7)
Traceback (most recent call last):
File "E:\IDA 7.0\python\ida_idaapi.py", line 553, in IDAPython_ExecScript
execfile(script, g)
File "E:/IDA 7.0/plugins/keypatch.py", line 7

^
SyntaxError: invalid syntax

I installed the .msi in your website, and copied the keypatch.py to the plugins folder.

How can I fix it?Thank you.

Sorry,I copyed the wrong python27.dll(32bit) to ida directory.

Hello,
I'm working with Cortex-M3 firmware images. This MCU only supports Thumb2 instructions, which might be the reason why these files are neither 32 or 64 bit in the info structure. That's how I solved this problem for me:

diff --git a/keypatch.py b/keypatch.py
index a8ea4da..a9a13f4 100644
--- a/keypatch.py
+++ b/keypatch.py
@@ -106,6 +106,9 @@ class Keypatch_Asm:
                     mode = KS_MODE_ARM | KS_MODE_LITTLE_ENDIAN
                 else:
                     mode = KS_MODE_ARM | KS_MODE_BIG_ENDIAN
+            else:
+                arch = KS_ARCH_ARM
+                mode = KS_MODE_THUMB | KS_MODE_LITTLE_ENDIAN
         elif cpuname.startswith("sparc"):
             arch = KS_ARCH_SPARC
             if info.is_64bit():

"ImportError: cannot import name arm_const"

Hi,

I want to install keystone on my Mac 10.12.6, IDA Pro 7.0;

After following the instructions https://github.com/keystone-engine/keypatch/issues/28, I installed all required python and dylib. And keystone can be import from my own /usr/bin/python.

However, I got an ImportError: cannot import name arm_const when import keystone in the console of ida and don't know why.

I wasted several hours on searching the solution but nothing worked.

Any suggestions?

Thanks!

C:\Users\Tuan Linh\Desktop\IDA7.0\IDAPro7.0.Green.patch\plugins\keypatch.py: Attempted relative import in non-package
Traceback (most recent call last):
File "C:\Users\Tuan Linh\Desktop\IDA7.0\IDAPro7.0.Green.patch\python\ida_idaapi.py", line 553, in IDAPython_ExecScript
execfile(script, g)
I was trying install Keypatch on IDA 7.0 on Windows and got this error.

File "C:/Users/Tuan Linh/Desktop/IDA7.0/IDAPro7.0.Green.patch/plugins/keypatch.py", line 23, in
from keystone import *
File "C:\Users\Tuan Linh\Desktop\IDA7.0\IDAPro7.0.Green.patch\python\keystone.py", line 9, in
from . import arm_const, arm64_const, mips_const, sparc_const, hexagon_const, ppc_const, systemz_const, x86_const
ValueError: Attempted relative import in non-package

I use IDA7.0 on Win10.When I follow your step to install the latest keypatch,IDA 7.0 cannot import this plugins.

the step I follow

1. download the keypatch from github [https://github.com/keystone-engine/keypatch] and place keypatch.py into IDA 7.0/plugins/

2. download the 64-bit keystone msi [http://www.keystone-engine.org/download/] and install the keystone module,because i use 64-bit python2.7.13 in my os.

but it doesn't work,and got these error:(from IDA output window)

  bytes   pages size description
--------- ----- ---- --------------------------------------------
   262144    32 8192 allocating memory for b-tree...
    65536     8 8192 allocating memory for virtual array...
   262144    32 8192 allocating memory for name pointers...
-----------------------------------------------------------------
   589824            total memory allocated

Loading processor module D:\Program Files\IDA 7.0\procs\pc64.dll for metapc...OK
Loading type libraries...
Autoanalysis subsystem has been initialized.
D:\Program Files\IDA 7.0\plugins\keypatch.py: ERROR: fail to load the dynamic library.
Traceback (most recent call last):
  File "D:\Program Files\IDA 7.0\python\ida_idaapi.py", line 553, in IDAPython_ExecScript
    execfile(script, g)
  File "D:/Program Files/IDA 7.0/plugins/keypatch.py", line 53, in <module>
    from keystone import *
  File "D:\python\python2\lib\site-packages\keystone\__init__.py", line 4, in <module>
    from .keystone import Ks, ks_version, ks_arch_supported, version_bind, debug, KsError, __version__
  File "D:\python\python2\lib\site-packages\keystone\keystone.py", line 75, in <module>
    raise ImportError("ERROR: fail to load the dynamic library.")
ImportError: ERROR: fail to load the dynamic library.

Database for file 'vul' has been loaded.
Hex-Rays Decompiler plugin has been loaded (v7.0.0.170914)
  License: 55-BAE5-8A04-93 Jiang Ying, Personal license (1 user)
  The hotkeys are F5: decompile, Ctrl-F5: decompile all.
  Please check the Edit/Plugins menu for more informaton.
IDAPython Hex-Rays bindings initialized.
D:\Program Files\IDA 7.0\plugins\keypatch.py: cannot import name arm_const
Traceback (most recent call last):
  File "D:\Program Files\IDA 7.0\python\ida_idaapi.py", line 553, in IDAPython_ExecScript
    execfile(script, g)
  File "D:/Program Files/IDA 7.0/plugins/keypatch.py", line 53, in <module>
    from keystone import *
  File "D:\python\python2\lib\site-packages\keystone\__init__.py", line 2, in <module>
    from . import arm_const, arm64_const, mips_const, sparc_const, hexagon_const, systemz_const, ppc_const, x86_const
ImportError: cannot import name arm_const

---------------------------------------------------------------------------------------------
Python 2.7.13 (v2.7.13:a06454b1afa1, Dec 17 2016, 20:53:40) [MSC v.1500 64 bit (AMD64)] 
IDAPython 64-bit v1.7.0 final (serial 0) (c) The IDAPython Team <[email protected]>
---------------------------------------------------------------------------------------------

I dive into deep step

When I google to solve this problem,I find your install tips from http://www.keystone-engine.org/keypatch/

A1. Windows

It is easiest to just download & install Python 2.7 module for Windows from http://www.keystone-engine.org/download. Be sure to get the 32-bit version, regardless of your Windows edition. 【32-bit python?】

If you prefer to compile from source, just use MSVC 32-bit & follow the instructions in Windows documentation to build keystone.dll. After that, install Python module as in Python documentation. Then copy keystone.dll to the directory of Keystone Python module.

In case you did all the above steps, but IDA still complains “fail to load the dynamic library”, then copy the whole directory keystone at C:\Python27\Lib\site-packages\keystone to C:\Program Files (x86)\IDA 6.8\python, so you have directory C:\Program Files (x86)\IDA 6.8\python\keystone after that (Use your actual IDA directory instead).

so I change my python-64-bit to python-32-bit,and reinstall the keystone-32bit-msi,at the same time,I copy the modles D:\python\python2\Lib\site-packages\keystone to D:\Program Files\IDA 7.0\python,and still get the same error in IDA7.0 output windows,

So what's the problem?

 File "D:/Program Files/IDA 7.0/plugins/keypatch.py", line 53, in <module>
    from keystone import *
  File "D:\python\python2\lib\site-packages\keystone\__init__.py", line 2, in <module>
    from . import arm_const, arm64_const, mips_const, sparc_const, hexagon_const, systemz_const, ppc_const, x86_const
ImportError: cannot import name arm_const

notice this "D:\python\python2\lib\site-packages\keystone_init_.py" is not the correct format in window,and the modle import failed,it the keypatch.py and kestone modle for python something wrong?

Hello,

Installed keystone engine using pip and everything is working fine from python (no venv here). However, IDA (6.95.160808 (64-bit or 32-bit)) cannot find the module.

Probably a symlink problem...

Thanks!

Keypatch: attempt to modify "SUB SP, SP, #8" at 0xB618 to "SUB SP, SP, #0xc"
Keypatch: successfully patched 4 byte(s) at 0xB618 from [82 B0 19 A9] to [0C D0 4D E2]
this should be from [82 B0 19 A9] to [83 B0 19 A9].

immediately after install on v6.95.160808 I get the following err on startup.

keypatch.py: name 'KS_ARCH_X86' is not defined
Traceback (most recent call last):
  File "C:\Program Files (x86)\IDA 6.95\python\ida_idaapi.py", line 509, in IDAPython_ExecScript execfile(script, g)
  File "C:/Program Files (x86)/IDA 6.95/plugins/keypatch.py", line 111, in <module> class Keypatch_Asm:
  File "C:/Program Files (x86)/IDA 6.95/plugins/keypatch.py", line 114, in Keypatch_Asm
"X86 16-bit": (KS_ARCH_X86, KS_MODE_16),                # X86 16-bit NameError: name 'KS_ARCH_X86' is not defined

When the base address is relatively large, the transfer instruction will fail to assemble

When i try to patch and hit CTRL+Alt+K i get the patch window but the default fixup & encode tab show a different value than the Original tab.
This means that if i want to change a command i need to retype it all.
e.g. change jnz loc_12345678 ==> jmp loc_1234567

is this intentional or a bug?

i am using IDA 7 on win10 with keypatch (2.2) 2.1 is not working with IDA 7

we maintain a TODO list for Keypatch at https://github.com/keystone-engine/keypatch/wiki.

if you want to contribute, feel free to pick up something from the list. look forward to pull requests, thanks!

if you want to request new features for the next version of Keypatch, put your thoughts here in this issue.

Since IDA 7.2 beta (and including the final release), the Patcher menu no longer works. Instead, the following is presented to the user:

Hi,

Is it possible to port it to ida 7.4 please ?

Please add instllation guid to keypatch(and ketstone) if I use ida pro on windows

Thank

IDA 7.0 is now a native x64 application, which means it is now using Python 2.7 x64. So it would be great if we can update the appendix.

It is supported?

Hi,
After digging around I found the bug for the "Fail to load the dynamic library.
Stracing IDA shows that it search for a libkeystone.so and not a libkeystone.so.0.
Also in your documentation under linux it's not working if you copy the keystone folder in ida-xx/python.
We must copy it to /opt/ida-xxx/python/lib/python2.7.
Then renaming the lib did the tricks.

Loading processor module /opt/ida-6.95/procs/arm.ilx for ARM...OK
keypatch.py: ERROR: fail to load the dynamic library.
Traceback (most recent call last):
File "/opt/ida-6.95/python/ida_idaapi.py", line 509, in IDAPython_ExecScript
execfile(script, g)
File "/opt/ida-6.95/plugins/keypatch.py", line 23, in
from keystone import *
File "/opt/ida-6.95/python/lib/python2.7/keystone/init.py", line 4, in
from .keystone import Ks, ks_version, ks_arch_supported, version_bind, debug, KsError, version
File "/opt/ida-6.95/python/lib/python2.7/keystone/keystone.py", line 74, in
raise ImportError("ERROR: fail to load the dynamic library.")
ImportError: ERROR: fail to load the dynamic library.

Failed while executing plugin_t.init():
Traceback (most recent call last):
File "C:/Program Files/IDA 7.0/plugins/keypatch.py", line 1499, in init
menu = idaapi.add_menu_item("Edit/Keypatch/", "Patcher (Ctrl-Alt-K)", "", 1, self.patcher, None)
AttributeError: 'module' object has no attribute 'add_menu_item'

The situation I'm running into is follows:

1. I patch an instruction with keypatch, using IDA's Edit->Patch Program->Apply Patches to Input File
2. I undo that patch

In this case if I go to Apply Patches to Input File again, IDA would think there's no bytes to be patched (because the database is the same as the initial database) as it shows Applied 0/0 patch(es), but in the real world, the binary has already been patched since step 1, and this is not undone. Thus I'm curious what's the correct way to export the patched idb with undos from keypatch?

I followed all the solution i could find for this.
in short, after running: keystone-0.9.1-python-win32.msi
I copied the entire
c:\Python27\Lib\site-packages\keystone\ to
c:\Program Files\IDA 7.0\python\keystone\

copied keypatch.py (v2.1)
to
c:\Program Files\IDA 7.0\plugins\

python27 in in my $PATH
I still get errors.
Any ideas what i can do?

I also verified i have VC++ (2017) x86 installed

C:\Program Files\IDA 7.0\plugins\keypatch.py: ERROR: fail to load the dynamic library.
Traceback (most recent call last):
File "C:\Program Files\IDA 7.0\python\ida_idaapi.py", line 553, in IDAPython_ExecScript
execfile(script, g)
File "C:/Program Files/IDA 7.0/plugins/keypatch.py", line 23, in
from keystone import *
File "C:\Program Files\IDA 7.0\python\keystone_init.py", line 4, in
from .keystone import Ks, ks_version, ks_arch_supported, version_bind, debug, KsError, version
File "C:\Program Files\IDA 7.0\python\keystone\keystone.py", line 74, in
raise ImportError("ERROR: fail to load the dynamic library.")
ImportError: ERROR: fail to load the dynamic library.

Database for file 'DaPainter.exe' has been loaded.
Hex-Rays Decompiler plugin has been loaded (v7.0.0.170914)
License: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The hotkeys are F5: decompile, Ctrl-F5: decompile all.
Please check the Edit/Plugins menu for more informaton.
IDAPython Hex-Rays bindings initialized.
C:\Program Files\IDA 7.0\plugins\keypatch.py: cannot import name arm_const
Traceback (most recent call last):
File "C:\Program Files\IDA 7.0\python\ida_idaapi.py", line 553, in IDAPython_ExecScript
execfile(script, g)
File "C:/Program Files/IDA 7.0/plugins/keypatch.py", line 23, in
from keystone import *
File "C:\Program Files\IDA 7.0\python\keystone_init_.py", line 2, in
from . import arm_const, arm64_const, mips_const, sparc_const, hexagon_const, systemz_const, ppc_const, x86_const
ImportError: cannot import name arm_const_

Hello, please let me ask your....

Is there any plan to support JAVA patching?

Thanks in advance.

Failed while executing plugin_t.init():
Traceback (most recent call last):
File "D:/IDA 7.0/plugins/keypatch.py", line 1499, in init
menu = idaapi.add_menu_item("Edit/Keypatch/", "Patcher (Ctrl-Alt-K)", "", 1, self.patcher, None)
AttributeError: 'module' object has no attribute 'add_menu_item'

it seems that the changes are in the idb file,thanks

Hi y'all, trying to install keypatch on Ubuntu 16.04.1 LTS:

Followed the instructions but can't get IDA to load the keypatch plugin successfully.

First error I get when starting IDA 6.95 is:

keypatch.py: ERROR: fail to load the dynamic library.
and
keypatch.py: cannot import name arm_const

even though:

xxx@xxx:/opt/ida-6.95/python/lib/python2.7/dist-packages/keystone
-rwxr-xr-x 1 root root 6497308 Aug 31 22:38 libkeystone.so.0

help appreciated!

I use IDA 7.0.170914 on Windows 10 x64 with Keypatch v2.2.
When i try to patch instructions, I always get the "FAILED to process this input" error.

Keypatch: attempting to fill range [0x100DE6:0x100DE5] with "mov eax, 42"
Keypatch: successfully filled range [0x100DE6:0x100DE5] (0 bytes) with "mov eax, 42", replaced ""
Keypatch: FAILED to process this input 'mov eax, 42'
Keypatch: successfully reverted 0 byte(s) at 0x100DE6 from [] to []

I use IDAP Pro 7.1 wich keypatcher 2.2. At address 0048ED60 I want to insert some code:

I inserted push esp:

After hitting the patch button I get this:

That is correct. IDA tries to interpret the code. When I now try to continue editing lie in this screenshot:

and hit the Patch button, then I get the following error.

In order to make the plugin work I need to cancel editing after the first operation. Go to the edited address 0048ED60 and hit u für undefine. After that I can continue with the keypatcher.

Can you please fix that? It makes multi editing very hard.

Hello!
I have a problem using keypatch under IDA.
It is about the LDR instruction.The instruction binary generated by Keypatch is different from the original instruction binary.
See the figure below for details:

try yourself to assemble an instruction that match pattern movzx r*, *h
like

movzx r8, dh
movzx r10, ah
movzx r15, ch

etc.

Since we have supported IDA 7.00 and some new bugs have been solved, maybe it is time to pack a new release version?

It would be great to be able to change string values directly.

There should be a field to change the String value directly.

Keypatch has problems in IDA 6.9 on Linux x64. I think this is because in Linux x64 IDA will use it's built-in Python, which is 32 bit, instead of the system's 64 bit Python. This is messy, but it is how IDA works currently, so we need to work around it (a pure IDA 64 bit version is promised soon).

In order to use Keypatch, you need to do the following steps:
1- Follow instructions in the README:
$ git clone https://github.com/keystone-engine/keystone/
$ mkdir build
$ cd build
$ ../make-share.sh lib32 lib_only
<------ STOP HERE (Readme will tell you to do make install)

2- Copy python bindings to IDA Python
$ cp -r bindings/python/keystone IDA_DIR/python/

3- Copy distutils from your distro's Python to IDA
$ cp -r /usr/lib/python2.7/distutils IDA_DIR/python/

4- Copy the 32 bit Keystone libraries to IDA's Python seach path
$ mkdir -p /python/lib/python2.7/dist-packages/keystone
$ cp build/llvm/lib/libkeystone.so.* IDA_DIR/python/lib/python2.7/dist-packages/keystone

5- Finally copy keypatch.py to IDA_DIR/plugins/

All done, works like a charm now.

I followed all the installation steps, but I received these errors:

C:\Program Files\IDA 7.0\plugins\keypatch.py: No module named six
Traceback (most recent call last):
File "C:\Program Files\IDA 7.0\python\ida_idaapi.py", line 553, in IDAPython_ExecScript
execfile(script, g)
File "C:/Program Files/IDA 7.0/plugins/keypatch.py", line 56, in
import six
ImportError: No module named six

I use command

kstool arm 'b -0x168'

but i got

ERROR: Invalid operand (KS_ERR_ASM_INVALIDOPERAND)

Can anyone help me to solve this?

One picture says it all.

Confirmed with http://armconverter.com/

This happens too with KeyStone python binding

KeyStone did not take the address of the B.COND instructions into consideration (i.e. nothing happens if the second param is changed).

Steps to reproduce:

1. Open a 64-bit application in IDA 7.0, for example, firefox.exe.
2. At the beginning of 'main()' function try to patch 'jmp main'. The dialog would show:

Assembly: jmp main
- Fixup:  jmp 0x40001090
- Encode: ...

if you replace it with jmp 0x140001090, then it works.

Following the installation instructions, I completed the installation of keypatch.

• But when I launch the IDA, I got the following warning:

Failed while executing plugin_t.init():
Traceback (most recent call last):
  File "C:/Program Files/IDA 7.0/plugins/keypatch.py", line 1499, in init
    menu = idaapi.add_menu_item("Edit/Keypatch/", "Patcher     (Ctrl-Alt-K)", "", 1, self.patcher, None)
AttributeError: 'module' object has no attribute 'add_menu_item'

The Python27 version on my pc is Python 2.7.14 (v2.7.14:84471935ed, Sep 16 2017, 20:25:58) [MSC v.1500 64 bit (AMD64)], and I have installed keystone correctly on my pc.

• I print my system path in IDA console:

Python>print sys.path
['C:\\Windows\\SYSTEM32\\python27.zip', 'C:\\Program Files\\python2\\Lib', 'C:\\Program Files\\python2\\DLLs', 'C:\\Program Files\\python2\\Lib\\lib-tk', 'C:\\Program Files\\IDA 7.0\\python', 'C:\\Program Files\\python2', 'C:\\Program Files\\python2\\lib\\site-packages', 'C:\\Program Files\\IDA 7.0\\python\\lib\\python2.7\\lib-dynload\\ida_64', 'C:\\Program Files\\IDA 7.0\\python', 'C:/Program Files/IDA 7.0/plugins', 'C:/Program Files/IDA 7.0/loaders']

• And Keystone:

Python>print keystone
<module 'keystone.keystone' from 'C:\Program Files\python2\lib\site-packages\keystone\keystone.py'>

Any suggestions?

D:\IDA 7.0\plugins\keypatch.py: cannot import name arm_const
Traceback (most recent call last):
File "D:\IDA 7.0\python\ida_idaapi.py", line 553, in IDAPython_ExecScript
execfile(script, g)
File "D:\IDA 7.0\plugins\keypatch.py", line 23, in
from keystone import *
File "C:\Python27\lib\site-packages\keystone_init_.py", line 2, in
from . import arm_const, arm64_const, mips_const, sparc_const, hexagon_const, systemz_const, ppc_const, x86_const
ImportError: cannot import name arm_const

IDA 7.0
The latest version of keypatch

so link: https://drive.google.com/file/d/1xHsJ1DAwy6FkuhOuvCTaHGH7QP0g974D/view?usp=sharing

in .text:0000F2F0
MOV R0, #0x9F858692

I want to change 0x9F858692 to 0x98858692, that is MOV R0, #0x9F858692 to MOV R0, #0x98858692, but keypatch fails to decompile bytecode

The error is reported as follows:

Function patch() takes a lot of time to analyze code in cases where a function has chunks at addresses lower than its start. I'm talking about this:

        # ask IDA to re-analyze the patched area
        if orig_func_end == idc.BADADDR:
            # only analyze patched bytes, otherwise it would take a lot of time to re-analyze the whole binary
            idaapi.analyze_area(address, address + patched_len + 1)
        else:
            idaapi.analyze_area(address, orig_func_end)
            # try to fix IDA function re-analyze issue after patching
            idaapi.func_setend(address, orig_func_end)

In IDA v7.0 is apparently enough to do only idaapi.analyze_area(address, address + patched_len + 1).

Followed the instructions on a Mac with the latest IDA 7, but getting an ImportError.
keypatch.py: cannot import name arm_const

Any suggestions?

Installed newest Keypatch but getting:

keypatch.py: name 'KS_ARCH_X86' is not defined
Traceback (most recent call last):
File "\python\3\ida_idaapi.py", line 615, in IDAPython_ExecScript
exec(code, g)
File "/plugins/keypatch.py", line 265, in
class Keypatch_Asm:
File "/plugins/keypatch.py", line 268, in Keypatch_Asm
"X86 16-bit": (KS_ARCH_X86, KS_MODE_16), # X86 16-bit
NameError: name 'KS_ARCH_X86' is not defined

Tried everything but it won't go away.

Open the Term

and typed "sudo pip install keystone-engine", but it can not be compiled on my Mac.

here are the problems:

So how do I fix it? Thank you.

P.S. I use MacOS 10.14 Mojave beta 5.

I want to patch the RVA of the entrypoint in a PE file. Here is an example:

It turn out that I cannot modify the content. Alway getting this error:

Here is which options I tried:

The initial autoanalysis has been finished.
Keypatch: attempting to modify "dd rva _mainCRTStartup" at 0x4000A8 to "dd rva 1a00h, rva 1a00h"
Keypatch: attempting to modify "dd 1220h" at 0x4000A8 to "dd 1a00h, 1a00h"
Keypatch: attempting to modify "dd 1220h" at 0x4000A8 to "dd 001ah, 001ah"
Keypatch: attempting to modify "dd 1220h" at 0x4000A8 to "dd 0x001a"
Keypatch: attempting to modify "dd 1220h" at 0x4000A8 to "dd 0x1a00"
Keypatch: attempting to modify "dd 1220h" at 0x4000A8 to "dd 0x401a00"
Keypatch: attempting to modify "dd 1220h" at 0x4000A8 to "0x1a00"
Keypatch: attempting to modify "dd 1220h" at 0x4000A8 to "dd 1222h"
Keypatch: attempting to modify "dd 1220h" at 0x4000A8 to "dd 001ah, 001ah"
Keypatch: attempting to modify "dd 1220h" at 0x4000A8 to "dd 1220h, 1220h"

When trying to do something like this:

You get the following error:

Is there a way that keypatcher auto resolve the addresses?

Hello
The latest release https://github.com/keystone-engine/keypatch/releases
have code for adding the action menu to ida 7.x ,however since the release is missing the version check
if idaapi.IDA_SDK_VERSION >= 700:
it jumps to the older
idaapi.add_menu_item
Maybe push the latest comments to a new release so this is avoided, since with the version check, all is working flawless.

keep up the awsome work.